The present invention relates to. the discovery of cookies and other client information.
The Internet has proven to be an efficient and popular mechanism for the dissemination of information from web sites to clients. Web sites in many cases are operated by organizations, such as businesses, governmental agencies, educational institutions, and the like, and clients are often consumers who use computers usually located in their dwellings to access the content provided by web sites. However, clients may also be other businesses, governmental agencies, educational institutions, and the like.
The operator of a web site has an interest in the number of clients that access its web site as well as the demographics of those clients. For example, such information is useful in giving an advertiser some assurance that its advertisement will reach enough clients of the type who are typically interested in the product or service offered by the advertiser to warrant placing the advertisement with the web site. Also, such information is instructive to the web site operator in creating web pages for a particular target audience.
In accordance with the present invention, cookies and/or other client information can provide useful information about the usage of a web site by its clients. Cookies are typically downloaded from web sites to the clients that visit them. A web browser executing on a client""s computer sets aside a small amount of memory (usually 0 to 4 kilobytes) for each web site server visited by the client. Accordingly, when the client receives a cookie from a web site, the client""s web browser stores the cookie in the memory set aside for that web site. The contents of the memory, and the length of time it is maintained, are specified by the web site.
A cookie is used by web sites to distinguish web browsers/clients from one another. In other words, a cookie allows a web site to determine whether a client request is received from the same client that previously made some other request, or whether a client request has been received from a wholly different client than the client making the previous request. In short, cookies give web browser client applications uniqueness. This uniqueness is important to a web site""s ability to keep track of the state of each of many client requests. Therefore, cookies permit a web site to distinguish one client from another, to distinguish sessions of use by a single client, and to keep track of many other important aspects of the display of content on a client""s computer.
Cookies are added to the headers of the HTTP transfer protocol. Essentially, when a client makes a request of a web site, the web site may issue a storage directive in the header of its response to the client""s request. Such a directive may look like the following:
Set-Cookie: CUSTOMER=WILE_E_COYOTE; expires=Wednesday, Nov. 9, 1999, 23:12:40 GMT.
In the above example, xe2x80x9cCUSTOMER=WILE_E_COYOTExe2x80x9d is stored by the browser operating on the client""s computer until Nov. 9, 1999. However, a web site need not specify any expiration date for the cookie, in which case the cookie expires when the client""s browser is exited.
Whenever the client again makes a subsequent request to the same web site, the client""s browser will include in the header of such a request the following string from the date that the cookie is originally set until the cookie expires:
Cookie: CUSTOMER=WILE_E_COYOTE.
A web site can overwrite a cookie that it sets at a client""s computer. Also, a web site can store multiple cookies on a client""s computer. In this case, a client""s browser will place the following general statement in the request header when the client makes a request:
Cookie: NAME1=STRING1; NAME2=STRING2; . . .
The general syntax used by a server in setting a cookie is as follows:
Set-Cookie
name=value
[;EXPIRES=dateValue]
[;DOMAIN=domainName]
[;PATH=pathName]
[;SECURE]
The use of the EXPIRES clause in a cookie is described above. The DOMAIN clause in a cookie is optional and is used to specify a set of machines in a DOMAIN that should have access to the cookie content. If a web site does not specify a DOMAIN name for this clause, the DOMAIN clause defaults to the name of the web site that issued the Set-Cookie directive so that only this web site has access to the corresponding cookie. In other words, only a cookie, which matches the DOMAIN specified by a particular web site that set the cookie, will be sent by the client to that web site in the header of an HTTP request. Accordingly, this DOMAIN clause is the fundamental basis for the security of cookies because one web site has no access to the cookies of another web site.
The PATH clause in the cookie is optional and is seldom used. The PATH clause forces a further limitation on when cookie information is sent from the client to the web site. Only requests that lie within the PATH of the specified DOMAIN contain the cookie in the request""s HTTP header.
The SECURE clause in the cookie is also optional and, if set, insures that the cookie is transmitted over a SECURE socket session. If the SECURE clause in the cookie is not set, it is assumed that the cookie data is accessible to any document or CGI program that meets the other DOMAIN and PATH matching properties.
Many web sites currently use cookies to track visitors to their servers. This tracking is easily achieved, for example, by setting a unique cookie (such as a counted sequence or a date/time stamp) for each new client visiting a site. Repeat clients are not re-tagged within the expiration period of previously set cookies. Accordingly, the site can distinguish requests from one client to another.
Web sites, however, generally have no information about their clients other than the clients"" prior visit information. Therefore, web sites do not, as a rule, have demographic information about the clients who visit them.
The present invention is directed to an arrangement in which cookies and/or other client information can be discovered by a third party who can then match the discovered cookies and other information to demographic information, if so desired.
In accordance with one aspect of the present invention, a system comprises first parties, second parties, and a third party interconnected in a network. The first parties are web sites, the second parties are clients of the web sites, and the third party is a central facility. The central facility is arranged to initiate discovery of client information from at least one of the first and second parties.
In accordance with another aspect of the present invention, a method of discovering client information relating to access by the clients of a plurality of web sites comprising the following steps: a) accessing, by each of the clients, a web page stored at a central facility, wherein the web page contains a URL for each of the web sites; and, b) transmitting, from each client either to each of the web sites corresponding to the URLs of the web page or to the central facility, any client information which the client has stored and which corresponds to the URLs.
In accordance with a still further aspect of the present invention, a computer readable storage medium has program code stored thereon. The program code, when executed by a computer of a client, performs the following tasks: a) reading cookies transmitted to the client by plural web sites; and, b) transmitting the cookies to a central facility.